General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Add QOS for same source but different times & BW

We want to have different qos restrictions at different times for a single source ip. traffic from source to destination is over a tunnel. How can i achieve this, i can not assign multple qos profiles to same tunnel interface.

raji_toor by L4 Transporter
  • 4061 Views
  • 3 replies
  • 0 Likes

Mac connected in VPN doesn't work

Hi Guys,

 

customer connected a Mac (OSX 10.13.2) using global protect and other vpn client (native and cisco), but i can't reach a remote server.

 

Doing a packet capture i found the PA (pa-3020, 7.1.14) doesn't forward the reply packet.

[Mac]--------->[

...

DKanta by L3 Networker
  • 2437 Views
  • 2 replies
  • 0 Likes

Login BANNER variables?

Question.  Does Palo alto have any variables that return the Devicename or Hostname?

 

I want to create a Template in Panorama with the login banner settings and then push this out via a template stack to the devices.  But I want  each device to return

...

PARKS by L0 Member
  • 1732 Views
  • 1 replies
  • 0 Likes

Resolved! Captive Portal settings

I am running Palo Alto Pan OS version 7.1.11 and need to adjust my captive portal settings. How do I disable or bypass the captive portal for particular networks. I have a guest network that I do not want any authentation and need to make sure the us

...

rmsdip3 by L1 Bithead
  • 2948 Views
  • 4 replies
  • 0 Likes

How to limit application or rule sessions

Hello.

 

 

Let's going to say that I have the following scenario:

 

- 1 remote server where can be connected just two users at the same time

- Group of 3 users (Group 1 => user1, user2, user3)

- Group of 3 users (Group2 => user4, user5, user6)

 

I would like

...

m.molina by L1 Bithead
  • 2071 Views
  • 1 replies
  • 0 Likes

Dataplane under severe load - Log entries

I see occasional "Dataplane under severe load" log entries.  It is now occurring most days, sometimes a few times a day.  Our monitoring system never shows the CPU average over 30% so whenever it happens it is apparently very brief.  I also have neve

...

dp high load.PNG
DMast by L2 Linker
  • 3399 Views
  • 3 replies
  • 0 Likes

SSLCipherSuite for httpd?

Hello all,

 

Does anyone have an SSLCipherSuite available for httpd that will work well allowing decryption but maintaining the highest level of security?

 

The documentation here reflects the supported ciphers, but I'm having some trouble translating th

...

Resolved! How much hardware can I assign to the Virtual Firewall?

Hello, everybody.

 

I want to acquire the VM-300 virtual firewall which is equal to the VM-1000-HV, for KVM.

 

I do not wonder what the minimum requirements are.

 

I wonder how much is the maximum I can assign from Memory Ram and Cores to this virtual fire

...

javihere by L1 Bithead
  • 1670 Views
  • 1 replies
  • 0 Likes

Stop web browsing to ssl

The external IP of our WiFi controller requires 443 to be open to the internet, so we have this open on our inbound rule>external IP of the controller.  443 needs to be open but we don't want this to be accessible via a web browser - as currently thi

...

Resolved! Schedule a rollback to last known good configuration

Hi all,

 

Is it possible to rollback to 'last known good' configuration, or even previously running config.

 

Say for example I make some changes and issue a commit, then subsequently lose connectivity. Is there a mechanism to schedule a rollback to prev

...

nawaza by L2 Linker
  • 5114 Views
  • 6 replies
  • 0 Likes

RTP and RTCP traffic jumping rule

Hi,

 

We have created a rule for Voice IP.

 

Zone A to Zone B / Application RTP - RTCP / Service ANY / PERMIT

 

So all the voice RTP connections should matched in the previous rule, but we are seeing connections which should be matched the previous rule bu

...

Upgrade traps

Hi,

 

Any advice about upgrading traps from 3.4 to 4.0?? can i install directly 4.0.4???

We have an external database. 3 Cores, 2 Console. Any order to do this upgrade or procedure???

thanks

Resolved! Failed commiting config from Panorama

Hi,

 

We have a Panorama with several FWs managed. We commited the config but in one of these FWs was failed.

Looking in panorama we see that this device is out of sync (in templates and shred policy). how can i force this commit?? or to have any reason

...

  • 24034 Posts
  • 102 Subscriptions
Top Liked Authors
Labels